May 2017 Consumer Feature

When’s the last time you thought about your passwords? With over 90 billion passwords in existence today, the overall shift to online platforms and the boom in social media usage have made passwords an integral part of our daily online lives.

Whether it’s connecting to a game with a Facebook profile, sharing Netflix credentials with a roommate, or asking a spouse to check a bank account statement, sharing our passwords has become a trend that we don’t often realize is putting our information at risk.

Are we really expected to have a separate password for each of our numerous online accounts – and do all of them have to be ridiculously long, confusing and hard to remember? We’re instructed not to write them down or keep them on our mobile devices so… how are we supposed to keep track of them?

We get it. It’s a pain to stay on top of your passwords. Making sure they’re both secure enough to protect your information and easy enough to remember can be challenging. Unfortunately, hackers are also aware of this challenge and target login credentials to gain access to more of your personal information. To keep your sensitive information on lockdown, it’s now more important than ever to keep your passwords secure and away from the criminals trying to steal them.

Social media and stolen passwords

It’s probably easier to count how many people you know that don’t use social media than the ones you know that do. In 2005, Pew Research Center found that 10 percent of adults online used at least one social media platform. Today, that number has increased to 84 percent.

The 86 percent of users who limit the information they display on their profiles speaks to how frequently social media accounts are hacked. In total, 2016 saw 3 billion user credentials stolen. Broken down, that’s 8.2 million a day, or 95 cracked credentials a second.

Social media platforms have begun utilizing what is known as “social media logons” that allow users to access multiple applications or accounts with one set of login credentials. Dating apps like Tinder or games like Pokémon GO allow you to use their services by logging in through your social media accounts.

“Social media sites can lead users to believe their information and data are secure through a few self-selected security settings. But today’s cybersecurity criminals can often get around basic passwords and uncover personal information.”

– Dan Kozen, College of Information Systems and Technology, University of Phoenix

Since Internet users have an average of 25-35 different passwords each, using one set of login credentials for multiple accounts seems like an easy way to keep track of them, right?

Wrong. In fact, linking accounts under a single set of credentials makes it easier for hackers to gain access to more of your information. In cases like the LinkedIn and Myspace data breaches, stolen login credentials from one site were used to legitimately log into other accounts like Amazon, Netflix and eBay.

One security expert noted that this phenomenon may seem to make life easier, but is, instead, inviting criminals into your linked accounts. In contrast to having passwords that are consistently changing and vary from account to account, the static nature of social logons allows continuous open access to any account linked with those credentials.

Passwords are here to stay

Experts predict that today’s 90 billion passwords will increase to 300 billion by 2020. This increase broadens what security professionals refer to as the “password attack surface.” Simply put, increasing the number of existing passwords online gives criminals a larger pool of data to work with.

Stolen passwords are also predicted to cost the U.S. approximately $6 trillion in cybercrime damages by 2021. In 2016 alone, 63 percent of data breaches were caused by stolen, weak or default passwords.

In our day-to-day lives, we can forget how important it is to secure our passwords. While a study showed that 73 percent of people consider sharing passwords risky, 95 percent said they share up to six passwords with others. Additionally, more than half admitted to reusing their passwords on multiple sites.

“Passwords are absolutely not dead – they are not even declining – and there is currently no technology that is replacing them.”

– Joseph Carson, security expert at Thycotic

What should you do?

Since your passwords are the keys that can unlock much more than meets the eye, protecting them is critical to safeguarding your personal and financial information.

Here’s four easy ways to keep your passwords safe:

  1. Create strong, secure passwords. Use a combination of lowercase and uppercase letters, numbers and special characters.
  2. Don’t share your passwords. If you must share your passwords, be sure that you change them immediately after they’ve been used.
  3. Change passwords regularly. We know you’ve heard this before, but a good rule of thumb is to change passwords every 90 days.
  4. Take advantage of your Password Manager tool – a great alternative to writing your passwords down or keeping them on your phone.